Lucene search
ContaoContao Cms
5 matches found
CVE-2019-10642
Contao 4.7 allows CSRF.
8.8CVSS8.6AI score0.00146EPSS
CVE-2017-16558
Contao 3.0.0 to 3.5.30 and 4.0.0 to 4.4.7 contains an SQL injection vulnerability in the back end as well as in the listing module.
9.8CVSS9.6AI score0.00343EPSS
CVE-2019-10641
Contao before 3.5.39 and 4.x before 4.7.3 has a Weak Password Recovery Mechanism for a Forgotten Password.
9.8CVSS9.3AI score0.00266EPSS
CVE-2019-10643
Contao 4.7 allows Use of a Key Past its Expiration Date.
9.8CVSS9.3AI score0.00428EPSS
CVE-2018-20028
Contao 3.x before 3.5.37, 4.4.x before 4.4.31 and 4.6.x before 4.6.11 has Incorrect Access Control.
6.5CVSS6.4AI score0.0027EPSS